India’s cyberwar slumber

In India, the apathy towards strengthening online security stems from the fact that the maximum attacks we have seen are defacing of sites or largely denial of services (DoS) attacks on websites. Photo: AFP

Cyberwars need to be taken seriously in a world ruled in equal measure by geopolitics and smart mobile devices that communicate with the help of the cloud.

On Tuesday, an American computer security firm Mandiant released a report alleging that advanced persistent threat (APT) groups operate in China. It added that these groups are waging a long-running and extensive cyber espionage campaign, especially in the US, with the help of direct government support. The study noted that one such group, christened APT1, targeted industries abroad that China has identified as strategic for its growth—including four of the seven strategic emerging industries that China identified in its 12th Five Year Plan.

While China expectedly rubbished the report, cyberwar has been in existence for almost a decade in some form or the other. But it was the havoc that the Stuxnet virus wreaked in September 2010 that made countries realize its potential threat. Security firm Symantec’s September 2010 data revealed there were around 100,000 infected hosts, of which nearly 59% infections were in Iran and around 10% in India.

The Stuxnet virus was injected via a universal serial bus (USB) stick and used a security breach in certain Microsoft Windows operating systems to breach a Siemens control systems called supervisory control and data acquisition (SCADA) that industries use for water management, electric power, traffic signals, mass transit, environmental control and in manufacturing (for automation).

Technology has changed the nature of war dramatically ever since the time the Greeks invaded Troy with the help of a Trojan horse, a term ironically used to describe online stealth attacks in today’s world. In India, the apathy towards strengthening online security stems from the fact that the maximum attacks we have seen are defacing of sites or largely denial of services (DoS) attacks on websites. But with the Indian government digitizing data and making them available to all citizens online besides setting up state wide area network connections and important e-governance programmes—including that of MCA 21, e-passport and e-office—India needs to wake up to the possibilities of cyberwar, especially with a neighbour such as China.

Is India prepared to withstand cyberwar on its vital e-infrastructure? Tell us at views@livemint.com